Filtered by vendor Nvidia
Subscriptions
Total
665 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-0200 | 1 Nvidia | 2 Bmc, Dgx-2 | 2025-02-04 | 7.5 High |
| NVIDIA DGX-2 contains a vulnerability in OFBD where a user with high privileges and a pre-conditioned heap can cause an access beyond a buffers end, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. | ||||
| CVE-2023-0201 | 1 Nvidia | 2 Bmc, Dgx-2 | 2025-02-04 | 6.7 Medium |
| NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, which may lead to code execution, denial of service, compromised integrity, and information disclosure. | ||||
| CVE-2023-0202 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2025-02-04 | 7.5 High |
| NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure. | ||||
| CVE-2023-0203 | 1 Nvidia | 4 Connectx-5, Connectx-6, Connectx-6-dx and 1 more | 2025-02-04 | 5 Medium |
| NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can exploit insufficient granularity of access control, which may lead to denial of service. | ||||
| CVE-2023-25505 | 1 Nvidia | 2 Bmc, Dgx-1 | 2025-02-04 | 7.8 High |
| NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler of the AMI MegaRAC BMC , where an attacker with the appropriate level of authorization can cause a buffer overflow, which may lead to denial of service, information disclosure, or arbitrary code execution. | ||||
| CVE-2023-25506 | 1 Nvidia | 2 Dgx-1, Sbios | 2025-02-04 | 7.5 High |
| NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause an access beyond the end of a buffer, which may lead to code execution, escalation of privileges, denial of service and information disclosure. The scope of the impact of this vulnerability can extend to other components. | ||||
| CVE-2023-25507 | 1 Nvidia | 2 Bmc, Dgx-1 | 2025-02-04 | 7.2 High |
| NVIDIA DGX-1 BMC contains a vulnerability in the SPX REST API, where an attacker with the appropriate level of authorization can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure, and data tampering. | ||||
| CVE-2023-25508 | 1 Nvidia | 2 Bmc, Dgx-1 | 2025-02-04 | 6.7 Medium |
| NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler, where an attacker with the appropriate level of authorization can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2023-25509 | 1 Nvidia | 2 Dgx-1, Sbios | 2025-02-04 | 6 Medium |
| NVIDIA DGX-1 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, and escalation of privileges. | ||||
| CVE-2023-25510 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2025-02-04 | 3.3 Low |
| NVIDIA CUDA Toolkit SDK for Linux and Windows contains a NULL pointer dereference in cuobjdump, where a local user running the tool against a malformed binary may cause a limited denial of service. | ||||
| CVE-2023-25511 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2025-02-04 | 3.3 Low |
| NVIDIA CUDA Toolkit for Linux and Windows contains a vulnerability in cuobjdump, where a division-by-zero error may enable a user to cause a crash, which may lead to a limited denial of service. | ||||
| CVE-2023-25512 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2025-02-04 | 5.3 Medium |
| NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds memory read by running cuobjdump on a malformed input file. A successful exploit of this vulnerability may lead to limited denial of service, code execution, and limited information disclosure. | ||||
| CVE-2023-25513 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2025-02-04 | 5.3 Medium |
| NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds read by tricking a user into running cuobjdump on a malformed input file. A successful exploit of this vulnerability may lead to limited denial of service, code execution, and limited information disclosure. | ||||
| CVE-2023-25514 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2025-02-04 | 5.3 Medium |
| NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds read by tricking a user into running cuobjdump on a malformed input file. A successful exploit of this vulnerability may lead to limited denial of service, code execution, and limited information disclosure. | ||||
| CVE-2024-0135 | 1 Nvidia | 1 Container Toolkit | 2025-01-28 | 7.6 High |
| NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2024-0136 | 1 Nvidia | 1 Container Toolkit | 2025-01-28 | 7.6 High |
| NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code obtaining read and write access to host devices. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2024-0137 | 1 Nvidia | 1 Container Toolkit | 2025-01-28 | 5.5 Medium |
| NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host’s network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successful exploit of this vulnerability may lead to denial of service and escalation of privileges. | ||||
| CVE-2024-0104 | 1 Nvidia | 8 Mga100-hs2, Mlnx-gw, Mlnx-os and 5 more | 2024-12-26 | 4.2 Medium |
| NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in the LDAP AAA component, where a user can cause improper access. A successful exploit of this vulnerability might lead to information disclosure, data tampering, and escalation of privileges. | ||||
| CVE-2024-0101 | 1 Nvidia | 13 Mellanox Os Firmware, Metro-3 Xc Firmware, Metrox-2 Firmware and 10 more | 2024-12-26 | 7.5 High |
| NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in ipfilter, where improper ipfilter definitions could enable an attacker to cause a failure by attacking the switch. A successful exploit of this vulnerability might lead to denial of service. | ||||
| CVE-2024-0113 | 1 Nvidia | 12 Mellanox Os Firmware, Metrox-2 Firmware, Metrox-3 Xc Firmware and 9 more | 2024-12-26 | 7.5 High |
| NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support, where an attacker can cause a CGI path traversal by a specially crafted URI. A successful exploit of this vulnerability might lead to escalation of privileges and information disclosure. | ||||